DISA updates draft cloud security guidelines

DISA updates draft cloud security guidelines

As the Department of Defense looks to move more resources to the cloud, the Defense Information Systems Agency has updated its draft guidance on cloud security.

The first of three revised documents is an updated version of the Department of Defense Cloud Computing Security Requirements Guide, which “outlines the security model by which DOD will leverage cloud computing along with the security controls and additional requirements necessary for using cloud-based solutions.”

The next document, a cloud access point (CAP) functional requirements document, identifies the security, network and performance considerations for protecting the Department of Defense Information Network where it meets the cloud service environment. CAPs are designed to detect and prevent an attack before it reaches the DODIN and to provide perimeter defenses and sensing for applications hosted in the commercial cloud service. 

The third document, a draft concept of operations, defines procedures for the organizations that will defend DODIN in the cloud.

All three drafts are available for community review; comments are due by Aug. 22.  

About the Author

Mark Pomerleau is a former editorial fellow with GCN and Defense Systems.

inside gcn

  • abstract view of data (agsandrew/Shutterstock.com)

    Can quantum computing prevent an encryption meltdown?

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group